Date: Wed, 15 Nov 2023 20:47:25 -0800
In-Reply-To: <000000000000bc90a60607f41fc3@google.com>
Message-ID: <000000000000584a26060a3db788@google.com>
Subject: Re: [syzbot] [kasan?] [mm?] WARNING in __kfence_free (3)
From: syzbot
To: akpm@linux-foundation.org, andreyknvl@gmail.com, dvyukov@google.com, elver@google.com, glider@google.com, kasan-dev@googlegroups.com, linux-kernel@vger.kernel.org, linux-mm@kvack.org, muchun.song@linux.dev, syzkaller-bugs@googlegroups.com

syzbot has found a reproducer for the following issue on:

HEAD commit:    c42d9eeef8e5 Merge tag 'hardening-v6.7-rc2' of git://git.k..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=13de8198e80000
kernel config:  https://syzkaller.appspot.com/x/.config?x=65a222833c8bc575
dashboard link: https://syzkaller.appspot.com/bug?extid=59f37b0ab4c558a5357c
compiler:       aarch64-linux-gnu-gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=15bd8f98e80000

Downloadable assets:
disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/384ffdcca292/non_bootable_disk-c42d9eee.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/e62e8cdf4401/vmlinux-c42d9eee.xz
kernel image: https://storage.googleapis.com/syzbot-assets/d4650ef9b454/Image-c42d9eee.gz.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+59f37b0ab4c558a5357c@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 0 PID: 138 at mm/kfence/core.c:1147 __kfence_free+0x7c/0xb4 mm/kfence/core.c:1147
Modules linked in:
CPU: 0 PID: 138 Comm: kworker/u4:6 Not tainted 6.7.0-rc1-syzkaller-00019-gc42d9eeef8e5 #0
Hardware name: linux,dummy-virt (DT)
Workqueue: events_unbound bpf_map_free_deferred
pstate: 81400009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
pc : __kfence_free+0x7c/0xb4 mm/kfence/core.c:1147
lr : kfence_free include/linux/kfence.h:187 [inline]
lr : __slab_free+0x48c/0x508 mm/slub.c:3614
sp : ffff800082c3bbb0
x29: ffff800082c3bbb0 x28: faff000002c03e00 x27: 0000000000000000
x26: f4ff000002c18028 x25: ffff00007ff8f138 x24: ffff00007ff8f000
x23: 0000000000000001 x22: ffff00007ff8f000 x21: ffff00007ff8f000
x20: ffff80008024297c x19: fffffc0001ffe3c0 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 00000000200122aa
x14: 0000000000000273 x13: 0000000000000000 x12: 0000000000000001
x11: 0000000000000001 x10: 40fbfcfeb3055ba3 x9 : 0000000000000000
x8 : ffff800082c3bc90 x7 : 0000000000000000 x6 : 0000000000000000
x5 : ffff80008024297c x4 : ffff00007f868000 x3 : ffff8000824a02b8
x2 : f0ff000008cd7140 x1 : ffff00007f8a1350 x0 : ffff00007ff8f000
Call trace:
 __kfence_free+0x7c/0xb4 mm/kfence/core.c:1147
 kfence_free include/linux/kfence.h:187 [inline]
 __slab_free+0x48c/0x508 mm/slub.c:3614
 do_slab_free mm/slub.c:3757 [inline]
 slab_free mm/slub.c:3810 [inline]
 __kmem_cache_free+0x220/0x230 mm/slub.c:3822
 kfree+0x5c/0x74 mm/slab_common.c:1056
 kvfree+0x3c/0x4c mm/util.c:653
 bpf_map_area_free+0x10/0x1c kernel/bpf/syscall.c:325
 htab_map_free+0x134/0x298 kernel/bpf/hashtab.c:1556
 bpf_map_free_deferred+0x44/0x60 kernel/bpf/syscall.c:701
 process_one_work+0x148/0x258 kernel/workqueue.c:2630
 process_scheduled_works kernel/workqueue.c:2703 [inline]
 worker_thread+0x2b4/0x3cc kernel/workqueue.c:2784
 kthread+0x114/0x118 kernel/kthread.c:388
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:857
---[ end trace 0000000000000000 ]---

---
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.